On Mon, 21 Feb 2005, Philip Hazel wrote:
>
> I need (if I ever get time) to get up to speed on dynamically loading
> things.
Things are rather simpler from the porting point of view than they were a
few years ago, because the dlopen() API has become a de facto standard
(even on non-ELF systems).
> My (unexpert) worry is the danger of loading the wrong thing and
> thereby causing a security problem. This is not an issue on hosts where
> there are no user login accounts, of course. Is this just a matter of
> suitable documentation?
I've added a forbid_filter_dlfunc option, which should probably also be
mentioned alongside the compile-time EXPAND_DLFUNC option to warn
sysadmins that they may want to adjust their configuration file when
compiling in the feature.
An alternative design which might be safer (if forbid_filter_dlfunc is
accidentally omitted) would be to have a global dynamically_loaded_objects
option which specifies which files to load, and have ${dlfunc only specify
the function name. I decided that lazy loading of dynamic code and
function searching would be easier to implement if the file and function
were specified together.
${perl and ${run have similar security concerns.
Tony.
--
<fanf@???> <dot@???>
http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
